[development] DrupalWebTestCase and changing permissions of authenticate user role

Maarten van Grootel mvgrootel at gmail.com
Mon Aug 25 14:20:21 UTC 2008


Hi Nat,

That's not what it says, or at least not what's happening. It says that if
null, it receives the default permissions stated in _drupalCreateRole()
(which is array('access comments', 'access content', 'post comments', 'post
comments without approval') according to
http://api.drupal.org/api/file/modules/simpletest/drupal_web_test_case.php/7/source).
But, this does not influence the permissions every user receives by the hard
coded Authenticated User role. Not directly, but by association/inheritance.

This behavior is expected, because it's the Drupal way of permission
inheritance. But to test the behavior I still need to find a way to alter
the permissions not my newly created user+role, but of the global
Authenticated User Role. You can try it by removing 'post comments' from row
27 of comment.test. You'd expect al sorts of failures, because you just made
web_user not able to create comments, but everything passes effortlessly.

So if anybody has a way to change permissions of the 2 default roles from
within the testsuite, or has some other tips, it would be greatly
appreciated.

Maarten

This is contrary to what you expect when you create a user with only 'access
content' permissions.
On Mon, Aug 25, 2008 at 2:46 PM, Nathaniel Catchpole <catch56 at googlemail.com
> wrote:

> If you pass an array of permissions to drupalCreateUser() then it'll get
> those permissions, rather than the default ones for authenticated user. See
> the documentation here: http://drupal.org/node/265762
>
> Nat
>
>
> On Mon, Aug 25, 2008 at 12:39 PM, Maarten van Grootel <mvgrootel at gmail.com
> > wrote:
>
>> Hello all,
>>
>> I'm currently in the process of writing a 7.x patch to create the 'edit
>> own comments' permission, to give admins the option to prohibit editing of
>> comments. The functionality is working, but I would like to write a testcase
>> for it, just to be complete. Here I found either a limitation of my
>> understanding of the drupal testing framework, or a limitation of the
>> framework itself.
>>
>> Because the 'edit own comments' permission is on by default, (the
>> 'authenticated user' role has the permission checked by default), any user
>> created with drupalCreateUser($roles) will inherit the right to edit their
>> own comment. Therefore, I can't make a test that checks that a person gets a
>> 403 when trying to edit their post without the right permissions, because I
>> can't disable the permission in the testing environment.
>>
>> What I need, and can not find, is a function that will change the
>> role_permission values for the 'authenticated user'-role, something like
>> DrupalWebTestCase->drupalSetPermissions($role-id, $permissions).
>>
>> Am I right to conclude that this can't be done with the current state of
>> the Drupal WebTestCase? If so, do you have an idea how to solve this in an
>> other way, or should I just leave the testcase out of the patch?
>>
>> Thanks,
>> Maarten
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20080825/e70d4738/attachment.htm 


More information about the development mailing list